Posts by Pascal Monett

Uncalled for ? Really ?

With the amount of people who just include a library on GitHub and never worry about what it actually does until said library falls over, it's not really uncalled for.

Personally, where I to include someone else's library, I would import it into my code stack, review the code to ensure that it does what it says on the tin and nothing else, and - after testing the thing to hell and beyond - include it in my production code stack.

Of course, it is then up to me to set a watch over that library to check when it is updated and what the update is, but that's my problem.

The rub is, developers hate problems, so they just link to library and let history run its course.

It's not because, in this particular case, developers had no way to avoid the issue that the argument does not stand.

I had a similar issue in one of my consulting gigs. I had created the application that the user had specced, and testing had gone swimmingly until one day the user called and complained that his notifications in said application were not going out to the right people.

I checked the code and the logs, and could find nothing wrong. I racked my brain trying to find out what the issue could actually be. After two days of searching, I finally hit upon an idea : he was using a local group that was named the same as the group defined on the server.

Not bothering with asking him the question because I was sure he'd deny any fault on his part, I simply changed the log to record the actual names of the people that were supposed to be notified. Sure enough, the next time he called to complain that it was _still_ not sending to the proper people, I checked the log and compared it to the server group : not equal.

I printed out the log and went to his desk and confronted him with the proof.

Never heard of him again.

Re: Surely one answer would be...

Maybe, maybe not.

But I have one sure-fire solution : mute the speakers.

At home, of course, my speakers can be active, especially now that I have somewhat more time for YouTube. But I use uBlock Origin with NoScript on Firefox, so I don't see ads, therefor they cannot spout any ultrasonic anything.

With my laptop, I also use the same browsing configuration but, on top of that, I have my speakers muted. Good luck spouting any noise whatsoever.

So, whether or not an app is listening, I am the deep sea nuclear submarine that passes unnoticed.

Officials need to re-read the Cloud Act.

Basically put, nobody's data is safe from US scrutiny if it is stored on a server that is controlled by a company that has a presence in the USA. And no judge is going to go against that.

Excerpt from the article :

"First, the Act amended U.S. law to authorize U.S. law enforcement to unilaterally demand access to data stored outside the U.S."

It's a demand, not a request.

Yeah, mainly all the craters that pockmark its surface.

So, basically, you're defending a keyboard that you don't use.

Right, so basically PwC created a sub-domain, decided not to keep it alive, and someone else took control. That's not hacking in any way, shape or form.

Re: I reuse the same password on loads of sites

I will admit that I have a throwaway password for sites that I do not consider important, yet still ask me for a login, or sites that I have no intention to return to after the reason for which I went there in the first place.

But for anything important, I have a system that gives me at least 13 characters, and I have a database to store them in along with the URL that is concerned.

Re: your location is known static constant in this, you're at home

Well yes, unless you work in the food industry, in the transport industry, in the medical field, in a gas station, or in any other "essential" business.

So there's a few people who are _not_ at home.

Re: OK, I'll bite.

Well, the article does state that "Support for other imaging editing programs in the works, wee're told".

How long that will take, if it ever happens, is anyone's guess.

That is the unfortunate reality. When you believe a conspiracy, anything that is done against your movement is proof that you're right.

It takes an intelligent mind to question one's beliefs, and it takes a truly intelligent mind to do so despite being absolutely convinced that you are right.

Einstein and Hawking were truly intelligent minds who both ended up admitting they were wrong on some point. Anti-5Gers are no Einsteins.

Re: is the problem just that I'm not down with the cool kids?

Probably that. But neither am I, you know. I use Gmail for my professional mail only. For the rest, I have a French national mail account (with La Poste, the French mail service), and then I have my personal mail server for everything strictly private, between friends and a special spam account for when I have to sign up to some site that doesn't deserve it.

I access my Gmail with a Chrome, obviously (work, remember ?), but I forward everything I get to one of my personal accounts which I access with Lotus Notes via POP.

For all the rest of my email accounts, I use Thunderbird, which is configured to not leave mail on the server. And I purge my Gmail account as soon as a thread is no longer relevant.

In other words, my mail is local, I don't leave it on someone else's server. Not even mine.

Re: "whoever was doing the testing"

Whoever it was, he was never employed at Boeing, apparently.

But honestly, this is not a tale of a major blunder saved in extremis. This is just a normal development cycle. Developer codes, tester tests, results come back and the cycle starts again until the code is approved for production.

That is exactly what happened.

You're missing the goal. Trump is blocking Huawei because Cisco doesn't have proper 5G gear yet, and Huawei does.

Xiaomi is only a mobe maker, it is not in the comms infrastructure game, so does not risk treading on Cisco, so will probably be immune from Trump action.

Agreed as far as location is concerned. Maybe people with feature phones don't work in office buildings ?

But as far as tracking is concerned, all governments have no need of anything special, they can all pressure the operators to give the user location history already, so no loss of privacy there, it's already lost.